Hi,
I did it...
> After upgrading from 7.3 o 8.3 pam_ldap stopped working.
>
> LDAP server has been running on a different machine for ages, it is
> still running.
>
> Connection to the server is still there: when I enter a wrong password
> I get a distinct error message.
Hi,
After upgrading from 7.3 o 8.3 pam_ldap stopped working.
LDAP server has been running on a different machine for ages, it is
still running.
Connection to the server is still there: when I enter a wrong password
I get a distinct error message.
When I enter the correct password, I get
Don't know ... I couldn't ever get pam_ldap to work. It was caught in a
permanent wait state. The ldap server NEVER replied.
Computer Assistant
Nvita.org
12400 Midsummer Ln, Suite 201A
Woodbridge, VA 22192
Phone - (202) 455-9065
Web - http://www.nvita.org/free-shells.aspx
---
Hello freebsd users!
I've got Openldap 2.4.23 that used as authentication and authorization
server for about 40-50 servers.
OS - FreeBSD 8.1.
It's not heavy loaded.
openldap# top -SP
last pid: 45647; load averages: 0.15, 0.15, 0.07
up 81+22:29:21 15:18:57
99 processes: 3 running, 80 sleep
getent group', even 'id' on an OpenLDAP backed up
user is successfully.
But when it comes to a login via sshd, login fails with this error
(loged on Linux Ubuntu in /var/log/auth.log):
Mar 18 12:01:00 freyja sshd[26824]: Failed password for testuser from
192.168.0.128 port 40734 ssh2
getent group', even 'id' on an OpenLDAP backed up
user is successfully.
But when it comes to a login via sshd, login fails with this error
(loged on Linux Ubuntu in /var/log/auth.log):
Mar 18 12:01:00 freyja sshd[26824]: Failed password for testuser from
192.168.0.128 port 40734 ssh2
getent group', even 'id' on an OpenLDAP backed up
user is successfully.
But when it comes to a login via sshd, login fails with this error
(loged on Linux Ubuntu in /var/log/auth.log):
Mar 18 12:01:00 freyja sshd[26824]: Failed password for testuser from
192.168.0.128 port 40734 ssh2
and 'getent group', even 'id' on an OpenLDAP backed up
> user is successfully.
>
> But when it comes to a login via sshd, login fails with this error
> (loged on Linux Ubuntu in /var/log/auth.log):
>
> Mar 18 12:01:00 freyja sshd[26824]: Failed password for
cessfully.
But when it comes to a login via sshd, login fails with this error
(loged on Linux Ubuntu in /var/log/auth.log):
Mar 18 12:01:00 freyja sshd[26824]: Failed password for testuser from
192.168.0.128 port 40734 ssh2
Mar 18 12:01:23 freyja sshd[26854]: pam_ldap: error trying to bind
On Sat, Apr 17, 2010 at 4:13 PM, Alejandro Imass wrote:
> On Fri, Apr 16, 2010 at 8:44 AM, Valentin Bud
> wrote:
> > Hello community,
> >
> > I am working these days on implementing a centralized
> [...]
>
> > The problem is that pam_ldap wants the memberUid
On Fri, Apr 16, 2010 at 8:44 AM, Valentin Bud wrote:
> Hello community,
>
> I am working these days on implementing a centralized
[...]
> The problem is that pam_ldap wants the memberUid attribute to contain the
> user's DN and there is
> no option to change this beh
authentication from LDAP I noticed that one can use
security/pam_ldap from ports
and net/nss_ldap so that the name service switch can get groups/passwd info
from LDAP too.
I have successfully configured OpenLDAP and created a user as follows:
dn: cn=Valentin BUD,ou=people,dc=example,dc=com
objectClass: top
Hi,
I'm trying to authenticate users from OpenLDAP. In LDAP userPassword
fields are crypted. So I'm trying to use "pam_password crypt" option in
ldap.conf.
But in LDAP log the the password data from pam_ldap module always is in
clear text. What could be wrong? Thanks in advan
Quoting "Stephen Allen" <[EMAIL PROTECTED]>:
Hello,
I'm pretty sure I've done all the necessary steps to be able to ssh
to my FreeBSD box using pam_ldap, but I'm getting "Invalid
credentials" errors whenever I try (I can successfully perform an
Hello,
I'm pretty sure I've done all the necessary steps to be able to ssh to
my FreeBSD box using pam_ldap, but I'm getting "Invalid credentials"
errors whenever I try (I can successfully perform an ldapsearch
operation though).
Here are snippets from my config:
--On Thursday, March 27, 2008 11:17:26 +0100 Frank Bonnet <[EMAIL PROTECTED]>
wrote:
Setting up pam ldap ssh access on a FreeBSD box takes less than five
minutes *after* installing the correct ports.
1) net/openldap-client
2) security/pam_ldap
Then configure ldap.conf (in /usr/loc
access that use PAM_LDAP on a freebsd 6/7 machine !
I have no problem on a Linux Debian etch box ...
Where are we going if Linux works better than BSD ? :-)
Setting up pam ldap ssh access on a FreeBSD box takes less than five
minutes *after* installing the correct ports.
1) net/openldap-cl
Please don't top post. It disrupts the flow of the conversation. (See
below for my response.)
--On Wednesday, March 26, 2008 4:01 PM +0100 Frank Bonnet
<[EMAIL PROTECTED]> wrote:
Hello
After having spent several hours on it I can't have a working
ssh access that use PAM_L
Hello
After having spent several hours on it I can't have a working
ssh access that use PAM_LDAP on a freebsd 6/7 machine !
I have no problem on a Linux Debian etch box ...
Where are we going if Linux works better than BSD ? :-)
Brian A. Seklecki wrote:
On Tue, 2008-03-25 at 16:31
On Tue, 2008-03-25 at 16:31 +0100, Frank Bonnet wrote:
> Hello Brian
>
> Thanks for the quick answer but I'm still in trouble
Turn on the debugging flags in the configuration file for pam_ldap
in /usr/local/etc and watch the console on the system.
~BAS
> we I try to s
/local/etc/nss_ldap.conf
#debug 1
Higher levels for fun.
~BAS
On Tue, 2008-03-25 at 15:34 +0100, Frank Bonnet wrote:
> Hello
>
> I can't get a working sshd access using pam_ldap and nss_ldap
>
> /etc/nsswitch.conf is OK
>
> but I'm having difficulties to configure
Hello
I can't get a working sshd access using pam_ldap and nss_ldap
/etc/nsswitch.conf is OK
but I'm having difficulties to configure pam_ldap for a ssh access
on a machine ( 6.3 or 7.0 ) ... I have been trying a lot to configure
the /etc/pam.d/sshd file but haven't any success
ompat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
And I changed some lines in /etc/pam.d/sshd,login,system,other like this
*commented out due to system gets stuck forever when enab;ed
nss_ldap/pam_ldap):
I'm using softbind and a short timeo
ompat: nis
> hosts: compat
> networks: files
> #passwd_compat: nis
> shells: files
> services: compat
> services_compat: nis
> protocols: files
> rpc: files
>
> And I changed some lines in /etc/pam.d/sshd,login,system,other like this
> *commented out due to system gets stuc
Alexandre Biancalana wrote:
On 10/26/07, O. Hartmann <[EMAIL PROTECTED]> wrote:
playing with ldapsearch gets results as expected. Doing ldapsearch witch
-D and dn of the admin results in the whole DIT as expected, accessing
the DIT with uid=user,ou=users,dc=... the same. Accessing LDAP server
Alexandre Biancalana wrote:
On 10/26/07, O. Hartmann <[EMAIL PROTECTED]> wrote:
playing with ldapsearch gets results as expected. Doing ldapsearch witch
-D and dn of the admin results in the whole DIT as expected, accessing
the DIT with uid=user,ou=users,dc=... the same. Accessing LDAP server
On 10/26/07, O. Hartmann <[EMAIL PROTECTED]> wrote:
> playing with ldapsearch gets results as expected. Doing ldapsearch witch
> -D and dn of the admin results in the whole DIT as expected, accessing
> the DIT with uid=user,ou=users,dc=... the same. Accessing LDAP server
> from client via LUMA (too
Alexandre Biancalana wrote:
On 10/26/07, O. Hartmann <[EMAIL PROTECTED]> wrote:
Ulrich Spoerlein wrote:
On Sun, 21.10.2007 at 18:26:55 +0200, O. Hartmann wrote:
At this point it seems senseless to try out what's going wrong and I need
some hints or tipps. I read about others su
On 10/26/07, O. Hartmann <[EMAIL PROTECTED]> wrote:
> Ulrich Spoerlein wrote:
> > On Sun, 21.10.2007 at 18:26:55 +0200, O. Hartmann wrote:
> >
> >> At this point it seems senseless to try out what's going wrong and I need
> >> some hints or tipps. I read about others successfully running OpenLDAP o
s
hosts: compat
networks: files
#passwd_compat: nis
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files
And I changed some lines in /etc/pam.d/sshd,login,system,other like this
*commented out due to system gets stuck forever when enab;ed
nss_ldap/pam_ldap):
system:
#
# $F
-sasl-client-2.3.38
openldap-server-2.3.38
pam_ldap-1.8.2
Cheers,
Ulrich Spoerlein
--
It is better to remain silent and be thought a fool,
than to speak, and remove all doubt.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/ma
.
--per
Well, great, I appreciate your help and by teh way, you're the first one
telling he's running FBSD 7 AND OpenLDAP/nss_ldap/pam_ldap.
OpenLDAP is running well on the server, I can access the DIT via some
tools like LUMA and the OpenLDAP clients from remote machines.
A maj
O. Hartmann wrote:
For weeks now I tried to get an OpenLDAP-server on a local FreeBSD
7.0-PRE box running, but with no success. Within the last 8 weeks I
tried nearly EVERY tutorial and there explained setups, but whenever I
try to authenticate or find an ID for an existing user in the DIT, I
For weeks now I tried to get an OpenLDAP-server on a local FreeBSD
7.0-PRE box running, but with no success. Within the last 8 weeks I
tried nearly EVERY tutorial and there explained setups, but whenever I
try to authenticate or find an ID for an existing user in the DIT, I
receive either error
Jonathan McKeown wrote:
There are two relevant PRs, one open (bin/71290)and one suspended (bin/59638).
...
You may want to try asking this on current@ and hackers@ lists.
signature.asc
Description: OpenPGP digital signature
I asked this on -hackers@ several weeks ago and the silence was deafening -
what I have heard referred to as Warnock's Dilemma.
I'm experimenting with OpenLDAP, pam_ldap, and pgina with the PAM plugin on
Windows clients, for central authentication in a mixed network.
passwd(1) won&
. PAM_ldap reports "Invalid credentials" in /var/log/messages
We have another server called access2 that authenticates to the the ldap
server running on access1. those users log in via ssh without issue on
access2.
I am trying to track down what is broken. I am not even sure how to
recei
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/9/07, Noah wrote:
> running FreeBSD 6.2 Stable
>
> we have openLDAP installed on a server called access1. Users on access1
> appear to not be able to ssh to access1. The ssh authentication method
> uses PAM ldap. PAM_ldap r
running FreeBSD 6.2 Stable
we have openLDAP installed on a server called access1. Users on access1
appear to not be able to ssh to access1. The ssh authentication method
uses PAM ldap. PAM_ldap reports "Invalid credentials" in /var/log/messages
We have another server called ac
Hi,
I am not sure why this happens but out terminal servers, routers, and
ancillary devices are able to authenticate with our LDAP server. For
some reason pam_ldap claims "Invalid credentials" with the same exact
user and password.
What could be wrong? I cant seem to figure o
On Wednesday 04 July 2007 09:35, Eric Masson wrote:
> Thierry Lacoste <[EMAIL PROTECTED]> writes:
>
> Hello,
>
> > I have a very similar setting on 6.1
> > Maybe you have an ACL problem (see below).
> > What does the following command give?
> > ldapsearch -x -D "cn=testuser,ou=people,dc=interne,dc=
Eric Masson <[EMAIL PROTECTED]> writes:
Follow up to myself, sorry
> The command asks for an ldap password that I type but, the result is :
> ldap_bind: Invalid credentials (49).
>
> I've double checked the password and reinitialized the ldap database,
> but no change atm.
I've rebuilt all ports
Thierry Lacoste <[EMAIL PROTECTED]> writes:
Hello,
> I have a very similar setting on 6.1
> Maybe you have an ACL problem (see below).
> What does the following command give?
> ldapsearch -x -D "cn=testuser,ou=people,dc=interne,dc=example,dc=org" -W
The command asks for an ldap password that I t
I have a very similar setting on 6.1
Maybe you have an ACL problem (see below).
What does the following command give?
ldapsearch -x -D "cn=testuser,ou=people,dc=interne,dc=example,dc=org" -W
>
> base dc=interne,dc=example,dc=org
> uri ldap://127.0.0.1:389/
>
> logdir /var/log/ldap
> #debug 256
>
er
uid=2000(testuser) gid=2000(test) groups=2000(test)
testuser can't log on the box (authentication failed). The following
message pops on the console :
Jul 3 19:08:03 box login: pam_ldap: error trying to bind as user
"cn=testuser,ou=people,dc=interne,dc=example,dc=org" (Invalid c
I have a system running 6.1-RELEASE, OpenLDAP 2.3.23, Pam-LDAP 1.80
and NSS-LDAP 1.249.
I have a user, called testuser configured in LDAP.
I can ssh [EMAIL PROTECTED] and it works no problem.
If I try to ssh into the box from another host, it fails. What I see
in the ssh debug during the f
of documents).
I'm doing this on a virgin 6.0 installation, cvsuped with the latest
ports,
fresh install of openldap22, pam_ldap and nss_ldap.
So the question is, is this a common problem, if not then what I am
doing wrong to create it, if so then is there a more ele
pam_ldap, nss_ldap not found.
--
GANBARE! NIPPON!
Yahoo! JAPAN JOC OFFICIAL INTERNET PORTAL SITE PARTNER
http://pr.mail.yahoo.co.jp/ganbare-nippon/
___
freebsd-questions@freebsd.org mailing list
http
On Thu, May 12, 2005 at 05:11:03PM -0500, Benjamin J Doherty wrote:
> I've been struggling with pam_ldap for three days now and cannot see
> what I am doing wrong. I'm trying to use OpenLDAP for
> authentication, though I threw nss_ldap in for good measure. What's
Friends,
I've been struggling with pam_ldap for three days now and cannot see
what I am doing wrong. I'm trying to use OpenLDAP for
authentication, though I threw nss_ldap in for good measure. What's
so baffling to me is that I can add a new user to the directory and
verif
7;t remember exactly, and found another
explanation on how to set things up. As far as I remember, my problem
was with ldap.conf and nss_ldap.conf files which reside in
/usr/local/etc/. This files must be identical, so you may symlink
them, as I did. After that everything started to work, in my case s
/usr/local/etc/pam_ldap/ssh.conf
host 127.0.0.1
port 389
base dc=all,dc=net
ldap_version 3
ssl off
tls_ciphers HIGH:MEDIUM:+SSLv2:RSA
tls_checkpeer no
pam_login_attribute uid
east# cat /etc/pam.d/sshd
#
# $FreeBSD: src/etc/pam.d/sshd,v 1.15 2003/04/30 21:57:54 markm Exp $
#
# PAM configuration for
xactly, and found another
explanation on how to set things up. As far as I remember, my problem
was with ldap.conf and nss_ldap.conf files which reside in
/usr/local/etc/. This files must be identical, so you may symlink
them, as I did. After that everything started to work, in my case ssh
through pam
I tried this one:
http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html
and it emphatically does not work, and I followed it to the letter I
think it has something to do with NSS only using SSL/port 636.
so then I tried it with that added still
Hello all,
I would greatly appreciate if someone could help me or point me to the right
place to find a solution to the following problem. I have a system
(5.3-release) configured to do user authentication through pam and ldap using
map_ldap.so and nss_ldap.so. Everything is fine with that conf
Hi.
Anyone have any insight on this?
On 18-Oct-04, at 1:07 AM, Jason Lixfeld wrote:
I'm wondering if someone can point out my error here. I've got PAM
authenticating ssh users like so:
authrequiredpam_nologin.so no_warn
authsufficient
I'm wondering if someone can point out my error here. I've got PAM
authenticating ssh users like so:
authrequiredpam_nologin.so no_warn
authsufficient pam_opie.so no_warn
no_fake_prompts
authrequisite pa
quot;error: PAM: Authentication failure"
One step closer..
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dick Davies
Sent: Friday, October 01, 2004 9:41 AM
To: Bret Walker
Cc: FreeBSD Questions
Subject: Re: Pam_ldap
* Bret Walker <[EMAIL PROTE
* Bret Walker <[EMAIL PROTECTED]> [1023 15:23]:
> I have ldap.conf in /etc/ and in /usr/local/etc/ldap.conf
The one in /etc isn't doing anything, so get rid of it.
The /usr/local/etc/ldap.conf should be holding the ad stuff
(what user to bind as , etc).
> I am able to log into the console as
gt; Sent: Friday, October 01, 2004 4:31 AM
> To: Bret Walker
> Cc: FreeBSD Questions
> Subject: Re: Pam_ldap
>
>
> * Bret Walker <[EMAIL PROTECTED]> [1028 00:28]:
> > I've been trying all day to get pam_ldap to authenticate an ssh
> > session against Active Di
* Bret Walker <[EMAIL PROTECTED]> [1028 00:28]:
> I've been trying all day to get pam_ldap to authenticate an ssh session
> against Active Directory. I thought that I had found the perfect HOWTO
> (read: one that didn't require nss_ldap), but its instructions didn't
I've been trying all day to get pam_ldap to authenticate an ssh session
against Active Directory. I thought that I had found the perfect HOWTO
(read: one that didn't require nss_ldap), but its instructions didn't seem
to get it working on my system.
I've read that can aut
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 2 Sep 2004, Curtis Vaughan wrote:
On 5.3-Beta I have installed pam_ldap and nss_ldap.
Then I edited the following files:
/usr/local/etc/ldap.conf
/etc/nsswitch.conf
files within /etc/pam.d
particularly /etc/pam.d/ldap and ./sshd and ./su
/usr
On 5.3-Beta I have installed pam_ldap and nss_ldap.
Then I edited the following files:
/usr/local/etc/ldap.conf
/etc/nsswitch.conf
files within /etc/pam.d
particularly /etc/pam.d/ldap and ./sshd and ./su
/usr/local/etc/nss_ldap.conf
I think that's it. I can provide each of those fil
On Saturday 13 March 2004 18:25, Per olof Ljungmark wrote:
> If you have a similar setup working I am very interested in how it was
> accomplished.
Allright, so here is my setup if it can help you;
note that I'm using ldap over SSL with key files.
server:
# /usr/local/etc/ldap.conf
uri ldapi://%2
Antoine Jacoutot wrote:
The ultimate goal is to create a Samba PDC, but seems far away ay the
moment...
I have this kind of setup working perfectly. Tell me what you need.
I need to figure out the interaction between OpenLDAP and the PAM
system. LDAP is working fine, Samba is fine.
/usr/local/etc/
Selon Per olof Ljungmark <[EMAIL PROTECTED]>:
> FBSD 5.2.1, nss_ldap/pam_ldap, no joy.
> Have really tried to read available documents, man pages etc., but no avail.
> If I could increase the debug level with pam perhaps it would take me
> further, could somebody please giv
FBSD 5.2.1, nss_ldap/pam_ldap, no joy.
Have really tried to read available documents, man pages etc., but no avail.
If I could increase the debug level with pam perhaps it would take me
further, could somebody please give a hint on how to?
The ultimate goal is to create a Samba PDC, but seems far
On Fri, 2004-01-23 at 21:08, Robert Fitzpatrick wrote:
> I just installed the pam_ldap port and receive the following
> instructions at the end of the install, I have 5.2-RELEASE and not sure
> which instruction to follow regarding enabling login:
>
> Copy /usr/local/etc/ldap.co
I just installed the pam_ldap port and receive the following
instructions at the end of the install, I have 5.2-RELEASE and not sure
which instruction to follow regarding enabling login:
Copy /usr/local/etc/ldap.conf.dist to /usr/local/etc/ldap.conf, then
edit /usr/local/etc/ldap.conf in order to
Dan Nelson wrote:
/bin/ls is linked statically, which means it only knows about compat,
files, nis, and dns; you can build a dynamic one, or step up and write
Ahh, thank you for this explanation. :-)
There are other strange things with -CURRENT and LDAP-setup: I have
jdk13 running on the machine
In the last episode (Oct 08), Uwe Laverenz said:
> [EMAIL PROTECTED] wrote:
> >Nevertheless the problem with file attributes persists.
>
> I have the same problem here. I guess that 'ls' doesn't care about
> nsswitch?!
/bin/ls is linked statically, which means it only knows about compat,
files, n
[EMAIL PROTECTED] wrote:
Nevertheless the problem with file attributes persists.
I have the same problem here. I guess that 'ls' doesn't care about
nsswitch?!
cu,
Uwe
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-
Hi,
I have problem to make cvs server (version 1.11.5 - the one which gets
installed as a part of 5.1 R) to authenticate users via pam_ldap.
Is there anybody who successfully runs this combination or at least knows
whether the cvs supports PAM authentication?
Any help would be really appreciated
pam_ldap authentication on my
5.1Release box. Everything seems to work fine (ftp, telnet, samba, ...)
except for ssh.
Any attempt to login (as user whose account is defined in the LDAP
directory) from a remote host using ssh end up with the error message:
"Access denied". For users register
Hi,
I just suceeded to install and configure pam_ldap authentication on my
5.1Release box. Everything seems to work fine (ftp, telnet, samba, ...)
except for ssh.
Any attempt to login (as user whose account is defined in the LDAP
directory) from a remote host using ssh end up with the error
Beste freebsd-questions,
My aim is to setup a samba PDC and BDC server for a windows network
and integrate the password database. So that any change will also
reflect the other OS. To avoid changing the password two times, or
adding a user twice. And now i got an error from the pam_ldap module
Beste freebsd-questions,
My aim is to setup a samba PDC and BDC server for a windows network
and integrate the password database. So that any change will also
reflect the other OS. To avoid changing the password two times, or
adding a user twice. And now i got an error from the pam_ldap module
On Wed, 2002-07-10 at 21:56, Igor Kulemzin wrote:
> Hi Alex,
>
> I'd jumping three times. Five times turn round. And, in conclusion,
> one time whistle...
>
> cd /usr/ports/security/pam_ldap
> make all install clean
> vi /etc/pam.conf
Yes, but you also
79 matches
Mail list logo
